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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 



: . A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

: - Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 

after SIX (6) MONTHS from the mailing date of this communication. 
! - If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 
: - Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 

earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

; 1)^ Responsive to communication(s) filed on 12 March 2004 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

■ 3)D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

■ 4)^ Claim(s) 1-12 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

: 5)D Claim(s) is/are allowed. 

6)El Claim(s) 1-12 is/are rejected. 
: 7)D Claim(s) is/are objected to. 

8)D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

; 9)D The specification is objected to by the Examiner. 

hO)KI The drawing(s) filed on 12 March 2004 is/are: a)E3 accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
I Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) ^ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
aM AN b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1. Claims 1-12 are pending. 

Information Disclosure Statement 

2. The references cited in the IDS of 8/9/2004 that have been lined through have 
not been considered because no date for the references was provided on the IDS. 
Examiner requests that a date be provided for the references that include at least the 
year. 

Claim Objections 

3. Claim 5 is objected to because of the following informalities: claim 5 contains the 
typographical error "identifyable" and should instead read "identifiable." Appropriate 
correction is required. 

Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 
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(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

1 . Claims 1-2, 4-8, and 10-12 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Kahn US Patent No. 7,185,192. 

2. With regards to claims 1, 7, Kahn teaches an electronic data processing facility 
adapted to run an operating system for configuring the data processing facility and an 
application program for editing data comprising (Kahn, column 12 line 48 - column 13 
line 15) a data store for storing the data (Kahn, Figure 1 Item 350-3, column 19 lines 49- 
55, managed resource database), a documentation memory for storing documentation 
data for documenting access to the data (Kahn, Figure 1 Item 350-7, column 18 lines 3- 
15, log and audit database), and a user object memory for storing user objects for 
authenticating and documenting access to the data (Kahn, column 18 lines 15-35, users 
accounts and user/groups/role identities, Figure 1 Items 350-1 and 350-2), the user 
object memory being further for storing documentation user objects storable in the 
documentation memory at the level of the application program for the purpose of 
documenting access to the data (Kahn, Figure 1 Item 350-7, column 18 lines 3-15, log 
and audit database) and for storing an authentication user object which is assignable a 
data access right at the level of the operating system (Kahn, column 18 lines 35-45, 
identity of a role is determined) and which is assignable to a plurality of documentation 
user objects for authenticating the data access right to the documentation user objects 
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(Kahn, column 19 lines 49-63, identity and role is combined with access type and 
resource identifier to make an access request which is authenticated). 

3. With regards to claims 2, 8, Kahn teaches a security check is performed (Kahn, 
column 18 lines 20-25, login process and authentication) to identify a user prior to 
accessing the data (Kahn, column 18 lines 20-30, validates information from user, 
column 18 lines 36-40, identity is determined before request) and wherein a 
documentation user object and an authentication user object are assignable to a user 
on the basis of a result of the security check (Kahn, column 18 lines 25-35, user 
identifier and role are assigned). 

4. With regards to claims 4, 10, Kahn teaches the user object memory is 
connected to the data processing facility via a connection suitable for data 
communication (Kahn, Figure 1, column 12 lines 50-55). 

5. With regards to claims 5 and 11, Kahn teaches a method for the processing of 
electronic data by a user using an electronic data processing facility, adapted to run an 
operating system for configuring the data processing facility and an application program 
editing the data (Kahn, column 12 line 48 - column 13 line 15) comprising: identifying 
the user as a documentation user object (Kahn, column 18 lines 15-20 and 35-45, user 
accounts), identifying the user as an authentication user object (Kahn, column 18 lines 
15-20, 35-45, and 51-64, role object provides for authentication of access requests), 
assigning the authentication user object a right to access data at the level of the 
operating system (Kahn, column 21 lines 4-21 , objects may require a particular role for 
access, column 18 lines 15-35, role is assigned upon login) and storing data access 
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operations for documentation purposes in connection with a documentation user object 
at the level of the application program (Kahn, Figure 1 Item 350-7, column 18 lines 3-15, 
log and audit database) wherein a plurality of users are identifiable by the same 
authentication user object and are authenticable for the same data access right (Kahn, 
column 18 lines 15-20 and 35-45, role can identify a plurality of users). 

6. With regards to claims 6 and 12, Kahn teaches a storage medium on which 
information is stored adapted to interact with an electronic data processing facility in 
order to carry out the method of claim 5 (Kahn, Figure 1 , column 1 9 lines 33-55, 
resource server, managed resources database). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 3 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Kahn US Patent No. 7,185,192 in view of Wood et al US Patent No. 6,892,307. 

8. With regards to claim 3 and 9, Kahn fails to specifically teach at least one of a 
device for checking biometric data, a device for checking at least one of a mechanical 
and electronic key and a device for checking a chip card to perform the security check. 
However, Wood teaches at least one of a device for checking biometric data, a device 
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for checking at least one of a mechanical and electronic key and a device for checking a 
chip card to perform the security check (Wood, column 4 lines 38-50, evidence including 
retina, fingerprint, voiceprint, smart card, and keys). At the time the invention was 
made, it would have been obvious to a person of ordinary skill in the art to utilize 
Wood's method of authentication because it provides the advantage of multiple forms of 
authentication evidence thus allowing for multiple levels of trust to be established for a 
user based upon which authentication mechanisms are used (Wood, column 2 lines 29- 
44). 

Conclusion 



The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

9. Gullotta et al US Patent No. 6,947,989 discloses a method for provisioning 
resources to users based on policies, roles, organizational information, and attributes. 

10. High, Jr. et al US Patent No. 7,124,192 discloses a role permission model for 
security policy administration and enforcement. 

1 1 . Barkley et al US Patent No. 6,202,066 discloses an implementation of role/group 
permission association using object access type. 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L. Nalven whose telephone number is 571 272 
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3839. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571 272 381 1. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




